SpamBlocker-Powered exim.conf, Version 4

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,818
Location
GMT +7.00
Jeff,

I've never gotten stats from logs on how much spam is stopped by this check. So if it's working then we might need to keep it. And I've never run into any issue with it. So this is the first case (reported by DutchTSE) known to me.
 

myH2Oservers

Verified User
Joined
Mar 13, 2006
Messages
228
Location
Netherlands
[root@xxx exim]# cat mainlog-20140706 | grep impersonating | wc -l
2533

All were sent to the same domain, but all from different IP addresses (I have replaced the actual domain with domain.nl):
2014-07-05 16:59:20 H=(domain.nl) [117.220.241.121] rejected EHLO or HELO domain.nl: Bad HELO - Host impersonating domain name [domain.nl]
2014-07-05 17:01:42 H=(domain.nl) [81.16.15.106] rejected EHLO or HELO domain.nl: Bad HELO - Host impersonating domain name [domain.nl]
2014-07-05 17:03:03 H=130-204-45-114.2073762043.ddns.cablebg.net (domain.nl) [130.204.45.114] rejected EHLO or HELO domain.nl: Bad HELO - Host impersonating domain name [domain.nl]
2014-07-05 17:05:07 H=(domain.nl) [213.111.146.216] rejected EHLO or HELO domain.nl: Bad HELO - Host impersonating domain name [domain.nl]
2014-07-05 17:05:53 H=(domain.nl) [91.200.138.241] rejected EHLO or HELO domain.nl: Bad HELO - Host impersonating domain name [domain.nl]
2014-07-05 17:07:10 H=(domain.nl) [31.170.150.67] rejected EHLO or HELO domain.nl: Bad HELO - Host impersonating domain name [domain.nl]
2014-07-05 17:09:25 H=(domain.nl) [95.67.189.182] rejected EHLO or HELO domain.nl: Bad HELO - Host impersonating domain name [domain.nl]
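
An added example, not part of the original posts: the `grep | wc -l` count above broken down per impersonated name and per source IP, which separates a distributed run like the one quoted from a single host that keeps retrying. The sample lines are constructed on the log format shown in the post; `summarize` and its field names are assumptions of this example.

```python
import re
from collections import defaultdict

# Rejection line as it appears in the mainlog excerpt above. An optional
# ":port" after the bracketed address is tolerated.
REJECT = re.compile(
    r"^(?P<ts>\S+ \S+) .*?\[(?P<ip>[0-9A-Fa-f.:]+)\](?::\d+)? "
    r"rejected EHLO or HELO \S+: "
    r"Bad HELO - Host impersonating domain name \[(?P<name>[^\]]+)\]"
)

# Constructed sample (documentation addresses and example domains).
SAMPLE = """\
2014-07-05 16:59:20 H=(example.nl) [203.0.113.10] rejected EHLO or HELO example.nl: Bad HELO - Host impersonating domain name [example.nl]
2014-07-05 17:01:42 H=(example.nl) [198.51.100.7] rejected EHLO or HELO example.nl: Bad HELO - Host impersonating domain name [example.nl]
2014-07-05 17:03:03 H=host.isp.example (example.nl) [192.0.2.44] rejected EHLO or HELO example.nl: Bad HELO - Host impersonating domain name [example.nl]
2014-07-05 17:04:10 H=(shop.example) [203.0.113.25] rejected EHLO or HELO shop.example: Bad HELO - Host impersonating domain name [shop.example]
2014-07-05 17:04:40 H=(shop.example) [203.0.113.25] rejected EHLO or HELO shop.example: Bad HELO - Host impersonating domain name [shop.example]
2014-07-05 17:05:00 H=mail.other.example [198.51.100.9] rejected RCPT <a@example.nl>: relay not permitted
""".splitlines()


def summarize(lines):
    """Map each impersonated HELO name to rejection and source-IP statistics."""
    hits = defaultdict(lambda: defaultdict(list))  # name -> ip -> [timestamps]
    for line in lines:
        m = REJECT.match(line)
        if m:
            hits[m["name"]][m["ip"]].append(m["ts"])
    report = {}
    for name, by_ip in hits.items():
        stamps = sorted(ts for per_ip in by_ip.values() for ts in per_ip)
        top_ip, top_stamps = max(by_ip.items(), key=lambda kv: len(kv[1]))
        report[name] = {
            "rejections": len(stamps),
            "unique_ips": len(by_ip),          # many IPs, one hit each: distributed
            "first": stamps[0],
            "last": stamps[-1],
            "top_ip": (top_ip, len(top_stamps)),  # one IP retrying: worth a look
        }
    return report


if __name__ == "__main__":
    import sys
    # Pass a mainlog path as the first argument, or run on the sample.
    source = open(sys.argv[1], errors="replace") if len(sys.argv) > 1 else SAMPLE
    for name, s in sorted(summarize(source).items(), key=lambda kv: -kv[1]["rejections"]):
        print(f'{name}: {s["rejections"]} rejections from {s["unique_ips"]} IPs, '
              f'{s["first"]} .. {s["last"]}, busiest {s["top_ip"][0]} x{s["top_ip"][1]}')
```
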
 

DirectAdmin Support

Administrator
Staff member
Joined
Feb 27, 2003
Messages
8,904
Looks like eq makes sense for the $sender_helo_name vs $smtp_active_hostname check, I'll update the 4.3.x version in a moment.

Side note: I'd use 4.3.x over 4.2.x... as 4.3.x has been getting updates. Some are for the ESF and BC, but those are optional, and not needed.
The changes to 4.3.x SpamBlocker itself are still beneficial, even without the ESF/BC being installed.
The "acl_script" ACL added in 4.3.x is a very handy feature, allowing command-line blocking if an account is at limit (prevents the emails from getting into the queue at all).
Then there's the /etc/virtual/blacklist_usernames feature, which is handy if you need to quickly block a User account, without yet knowing how they're sending spam (blocks everything for that User).

John
 

cadmin

Verified User
Joined
Dec 24, 2012
Messages
19
Is it possible to disable recipient callout verification for specific domains?
After upgrading to CB2 and SpamBlocker 4, I have a problem with some users sending out legitimate periodic emails to their customers, which take a few hours to send because the server verifies every single one of the hundreds of recipients before completing the SMTP transaction.
 